Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/pa6id_bGx9tVF3g9JuXPuDujthQ.roa
File: pa6id_bGx9tVF3g9JuXPuDujthQ.roa (raw, json)
Hash identifier: OG9LBwYC4940ny1TYRlPCWRTjm+UjpipJbf2wGu5/vE=
Subject key identifier: A5:AE:A2:77:F6:C6:C7:DB:55:17:78:3D:26:E5:CF:B8:3B:A3:B6:14
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0678
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pa6id_bGx9tVF3g9JuXPuDujthQ.roa
Signing time: Thu 15 May 2025 17:08:03 +0000
ROA not before: Thu 15 May 2025 17:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1656 (0x678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 17:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A5AEA277F6C6C7DB5517783D26E5CFB83BA3B614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9d:5f:1c:4e:7a:6f:f9:09:51:b6:c5:1f:4a:
b8:90:c3:f9:9b:f8:ad:11:0a:23:69:8e:f8:61:e8:
36:6f:b1:ad:f3:1e:7e:72:34:76:3d:78:c6:cd:7a:
98:b5:de:fb:ad:4c:e8:ca:5a:22:b0:2c:68:9a:f8:
c2:66:58:4c:dc:43:7d:ce:a1:2c:f8:05:71:ae:0e:
c5:be:f7:ea:3a:74:42:bc:a7:79:32:6f:d2:66:af:
4a:fd:00:f7:06:e8:24:a0:7d:ff:78:3c:d4:6b:6b:
85:04:a1:fe:b4:50:f8:09:a7:c6:23:8d:28:42:f6:
e0:ac:33:ed:21:cb:4a:d5:7e:13:62:43:19:3c:55:
27:82:ca:70:c1:8c:a7:85:e4:d7:21:b9:7e:d1:58:
06:28:47:d0:d8:ef:c1:eb:63:b8:18:d3:83:b2:0b:
8c:0e:57:8a:6e:48:cb:8a:13:27:80:18:42:28:3d:
ed:ff:b4:43:ee:be:c3:17:2e:93:66:d8:21:c5:42:
c7:3b:02:a4:0b:42:f7:60:ed:73:0d:60:1b:f8:87:
dd:30:f0:dc:f6:50:31:37:49:10:7b:ad:94:0d:d4:
3f:f5:ea:a9:a2:db:a6:b1:f2:34:ab:0a:b6:81:a3:
ce:01:5c:cc:eb:73:21:f3:92:5e:7d:d8:e3:19:11:
e6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AE:A2:77:F6:C6:C7:DB:55:17:78:3D:26:E5:CF:B8:3B:A3:B6:14
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pa6id_bGx9tVF3g9JuXPuDujthQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:27:33:59:55:14:c3:97:eb:ba:da:54:95:a2:9b:ce:44:51:
a8:ef:be:94:5b:f4:4b:c5:98:e5:3a:b6:78:a1:78:17:c5:72:
9c:6a:0c:2b:d2:28:a7:9e:81:9b:98:3b:d1:14:2b:b4:ea:e4:
53:9f:7f:f3:5b:4c:a4:a3:6f:2c:46:c3:db:02:49:9a:21:a1:
12:f9:78:56:a5:ad:6a:21:ee:2d:a0:4a:e7:92:2b:57:16:bf:
c7:bf:3b:c1:7a:0c:2f:34:d6:e3:d8:8f:77:ba:d1:9e:99:b8:
13:a2:29:9e:9f:d0:6d:4d:d0:df:d3:24:bf:21:62:6f:34:b3:
d3:50:ee:46:94:17:7a:f1:10:8d:a8:61:96:fa:14:62:de:a8:
a6:1a:42:8d:ca:c4:b6:f4:62:db:ca:fd:01:ba:ac:9c:46:34:
2b:d5:9b:97:28:14:bd:9f:34:82:a1:f0:6d:4d:d2:db:6e:0c:
93:2d:5e:dd:25:4d:fb:88:5b:d0:09:93:77:8f:0b:ae:0f:9a:
a9:ce:c3:b9:c5:0b:82:f4:2c:4a:93:3c:89:20:d0:f9:09:f4:
cf:97:63:0b:4d:ae:b0:1d:bd:e0:e1:6a:89:1b:5a:80:ff:e2:
33:51:ee:31:aa:53:f1:71:51:2e:11:17:6a:77:1d:85:51:b7:
99:a1:58:b3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBngwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
NzA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE1QUVBMjc3RjZDNkM3
REI1NTE3NzgzRDI2RTVDRkI4M0JBM0I2MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBnV8cTnpv+QlRtsUfSriQw/mb+K0RCiNpjvhh6DZvsa3zHn5y
NHY9eMbNepi13vutTOjKWiKwLGia+MJmWEzcQ33OoSz4BXGuDsW+9+o6dEK8p3ky
b9Jmr0r9APcG6CSgff94PNRra4UEof60UPgJp8YjjShC9uCsM+0hy0rVfhNiQxk8
VSeCynDBjKeF5NchuX7RWAYoR9DY78HrY7gY04OyC4wOV4puSMuKEyeAGEIoPe3/
tEPuvsMXLpNm2CHFQsc7AqQLQvdg7XMNYBv4h90w8Nz2UDE3SRB7rZQN1D/16qmi
26ax8jSrCraBo84BXMzrcyHzkl592OMZEeY9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpa6id/bGx9tVF3g9JuXPuDujthQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wYTZpZF9iR3g5dFZGM2c5
SnVYUHVEdWp0aFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGcnM1lVFMOX67raVJWim85EUajvvpRb9EvF
mOU6tniheBfFcpxqDCvSKKeegZuYO9EUK7Tq5FOff/NbTKSjbyxGw9sCSZohoRL5
eFalrWoh7i2gSueSK1cWv8e/O8F6DC801uPYj3e60Z6ZuBOiKZ6f0G1N0N/TJL8h
Ym80s9NQ7kaUF3rxEI2oYZb6FGLeqKYaQo3KxLb0YtvK/QG6rJxGNCvVm5coFL2f
NIKh8G1N0ttuDJMtXt0lTfuIW9AJk3ePC64PmqnOw7nFC4L0LEqTPIkg0PkJ9M+X
YwtNrrAdveDhaokbWoD/4jNR7jGqU/FxUS4RF2p3HYVRt5mhWLM=
-----END CERTIFICATE-----
Generated at Sun May 18 18:48:19 2025 by rpki-client